News

F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info

CrowdStrike, data breach, data theft, Don't miss, F5 Networks, Hot stuff, IOActive, Mandiant, NCC Group, NCSC, networking, News, source code /

F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info 2025-10-15 at 18:39 By Zeljka Zorz US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security products, the company confirmed today. BIG-IP vulnerabilities are often […]

React to this headline:

Loading spinner

F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info Read More »

Microsoft patches three zero-days actively exploited by attackers

0patch, Don't miss, drivers, Hot stuff, Immersive, Microsoft, Microsoft Exchange, MS Office, News, Patch Tuesday, Tenable, Trend Micro, Windows /

Microsoft patches three zero-days actively exploited by attackers 2025-10-15 at 13:18 By Zeljka Zorz On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827. The actively exploited vulnerabilities are an unusual mix CVE-2025-24990 is in the third-party driver (ltmdm64.sys) for the software-based Agere Modem,

React to this headline:

Loading spinner

Microsoft patches three zero-days actively exploited by attackers Read More »

Maltrail: Open-source malicious traffic detection system

Don't miss, GitHub, Linux, malware detection, monitoring, News, open source, software, Threat Intelligence, traffic monitoring /

Maltrail: Open-source malicious traffic detection system 2025-10-15 at 08:30 By Sinisa Markovic Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available blacklists, as well as static lists compiled from antivirus reports and user-defined sources. These “trails” can include domain names, URLs,

React to this headline:

Loading spinner

Maltrail: Open-source malicious traffic detection system Read More »

Building trust in AI-powered security operations

Artificial Intelligence, cybersecurity, Don't miss, Hot stuff, News, Splunk, threat detection, Video /

Building trust in AI-powered security operations 2025-10-15 at 08:22 By Help Net Security In this Help Net Security video, James Hodge, VP, Global Specialist Organisation at Splunk, explores the transformative role of AI in cybersecurity threat detection. He explains how AI’s ability to process vast amounts of data and detect anomalies faster than humans is

React to this headline:

Loading spinner

Building trust in AI-powered security operations Read More »

The diagnosis is in: Mobile health apps are bad for your privacy

Android, Application Security, cybersecurity, data security, healthcare, medical data, News /

The diagnosis is in: Mobile health apps are bad for your privacy 2025-10-15 at 07:40 By Sinisa Markovic Sensitive data is moving through Android healthcare apps without adequate protection. Researchers found that many transmit information without encryption, store files without safeguards, or share it through third-party components. Study design showing data collection, static security analysis

React to this headline:

Loading spinner

The diagnosis is in: Mobile health apps are bad for your privacy Read More »

The power grid is getting old, and so is the cybersecurity protecting it

critical infrastructure, cybersecurity, ICS/SCADA, News, report /

The power grid is getting old, and so is the cybersecurity protecting it 2025-10-15 at 07:03 By Anamarija Pogorelec Critical infrastructure is getting older, and the cost of that decay is starting to show. The Arthur D. Little Built to Last? report says that the systems powering energy, water, and transport are reaching the end

React to this headline:

Loading spinner

The power grid is getting old, and so is the cybersecurity protecting it Read More »

What if your privacy tools could learn as they go?

Countly, data security, Don't miss, Features, framework, healthcare, Hot stuff, News, Privacy, research /

What if your privacy tools could learn as they go? 2025-10-14 at 11:49 By Mirko Zorz A new academic study proposes a way to design privacy mechanisms that can make use of prior knowledge about how data is distributed, even when that information is incomplete. The method allows privacy guarantees to stay mathematically sound while

React to this headline:

Loading spinner

What if your privacy tools could learn as they go? Read More »

The solar power boom opened a backdoor for cybercriminals

Bitdefender, CISO, critical infrastructure, cybersecurity, Don't miss, ENCS, energy sector, News, strategy, threats, tips /

The solar power boom opened a backdoor for cybercriminals 2025-10-14 at 11:49 By Sinisa Markovic Solar isn’t low risk anymore. Adoption has turned inverters, aggregators, and control software into attack surfaces capable of disrupting service and undermining confidence in the transition. Cyber threats expose weak spots in solar power systems Until recently, security risks in

React to this headline:

Loading spinner

The solar power boom opened a backdoor for cybercriminals Read More »

What Chat Control means for your privacy

Compliance, Don't miss, Europe, Features, Government, Hot stuff, News, Privacy, regulation, scanning, surveillance, Wire /

What Chat Control means for your privacy 2025-10-14 at 08:00 By Mirko Zorz The EU’s proposed Chat Control (CSAM Regulation) aims to combat child sexual abuse material by requiring digital platforms to detect, report, and remove illegal content, including grooming behaviors. Cybersecurity experts warn that such measures could undermine encryption, create new attack surfaces, and

React to this headline:

Loading spinner

What Chat Control means for your privacy Read More »

Security validation: The key to maximizing ROI from security investments

cyber resilience, cybersecurity, Don't miss, Hot stuff, investment, Mastercard, News, Picus Security, security ROI /

Security validation: The key to maximizing ROI from security investments 2025-10-14 at 08:00 By Help Net Security Every sizable organization invests heavily in firewalls, SIEMs, EDRs, and countless other technologies that form the backbone of a modern enterprise’s cyber defenses. Yet despite these significant investments, attackers continue to exploit misconfigurations, untested rules, and hidden dependencies

React to this headline:

Loading spinner

Security validation: The key to maximizing ROI from security investments Read More »

Cybersecurity jobs available right now: October 14, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: October 14, 2025 2025-10-14 at 08:00 By Sinisa Markovic Cyber Security Analyst I First Citizens Bank | USA | Remote – View job details As a Cyber Security Analyst, you will be responsible for developing skills related to the use of the standard intelligence cycle (collection, analysis, and dissemination) across

React to this headline:

Loading spinner

Cybersecurity jobs available right now: October 14, 2025 Read More »

Building a healthcare cybersecurity strategy that works

Artificial Intelligence, cybersecurity, Don't miss, Features, healthcare, Hot stuff, News, Ochsner Health, regulation, strategy /

Building a healthcare cybersecurity strategy that works 2025-10-13 at 09:41 By Mirko Zorz In this Help Net Security interview, Wayman Cummings, CISO at Ochsner Health, talks about building a healthcare cybersecurity strategy, even when resources are tight. He explains how focusing on areas like vulnerability management and network segmentation can make the biggest difference. Cummings

React to this headline:

Loading spinner

Building a healthcare cybersecurity strategy that works Read More »

AI-generated images have a problem of credibility, not creativity

cybersecurity, Don't miss, generative AI, News, strategy /

AI-generated images have a problem of credibility, not creativity 2025-10-13 at 08:34 By Sinisa Markovic GenAI simplifies image creation, yet it creates hard problems around intellectual property, authenticity, and accountability. Researchers at Queen’s University in Canada examined watermarking as a way to tag AI images so origin and integrity can be checked. Watermarking scenario overview

React to this headline:

Loading spinner

AI-generated images have a problem of credibility, not creativity Read More »

The five-minute guide to OT cyber resilience

critical infrastructure, cyber resilience, cybersecurity, Don't miss, e2e-assure, Hot stuff, ICS/SCADA, News, remote access, Video /

The five-minute guide to OT cyber resilience 2025-10-13 at 08:19 By Help Net Security In this Help Net Security video, Rob Demain, CEO of e2e-assure, explains the essentials of OT cybersecurity resilience. He discusses the importance of understanding remote access points, supply chain connections, and the need for specialized sensors to monitor OT networks that

React to this headline:

Loading spinner

The five-minute guide to OT cyber resilience Read More »

When hackers hit, patient safety takes the fall

cyberattacks, cybersecurity, Data Protection, healthcare, News, Proofpoint, report /

When hackers hit, patient safety takes the fall 2025-10-13 at 07:33 By Anamarija Pogorelec 93% of U.S. healthcare organizations experienced at least one cyberattack in the past year, with an average of 43 incidents per organization, according to Proofpoint. The study found that most of these attacks involved cloud account compromises, ransomware, supply chain intrusions,

React to this headline:

Loading spinner

When hackers hit, patient safety takes the fall Read More »

Attackers don’t linger, they strike and move on

Artificial Intelligence, cyberattacks, cybersecurity, Elastic, Malware, News, report /

Attackers don’t linger, they strike and move on 2025-10-13 at 07:26 By Anamarija Pogorelec Cyber attacks are happening faster than ever. Intrusions that once took weeks or months now unfold in minutes, leaving little time to react. Attackers move quickly once they gain access, aiming to run their payloads and get results before defenders can

React to this headline:

Loading spinner

Attackers don’t linger, they strike and move on Read More »

Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884)

CVE, Don't miss, Hot stuff, News, Oracle, vulnerability /

Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884) 2025-10-12 at 13:18 By Zeljka Zorz Oracle has revealed the existence of yet another remotely exploitable Oracle E-Business Suite vulnerability (CVE-2025-61884). About CVE-2025-61884 CVE-2025-61884 is a vulnerability in the Runtime user interface in the Oracle Configurator product of Oracle E-Business Suite (EBS). Like CVE-2025-61882 before

React to this headline:

Loading spinner

Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884) Read More »

Week in review: Hackers extorting Salesforce, CentreStack 0-day exploited

News, Week in review /

Week in review: Hackers extorting Salesforce, CentreStack 0-day exploited 2025-10-12 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How to get better results from bug bounty programs without wasting money The wrong bug bounty strategy can flood your team with low-value reports.

React to this headline:

Loading spinner

Week in review: Hackers extorting Salesforce, CentreStack 0-day exploited Read More »

Why Managed Detection and Response (MDR) is Now Mission-Critical

Managed Detection and Response, News, Reports, Tips & Tricks /

Why Managed Detection and Response (MDR) is Now Mission-Critical 2025-10-10 at 16:16 By The digital landscape across Asia/Pacific (excluding Japan) (APEJ) is characterized by rapid growth in the acceptance of Managed Detection and Response (MDR), and driven by a corresponding surge in cyber threats, according to IDC’s just released report IDC MarketScape: Asia/Pacific (Excluding Japan)

React to this headline:

Loading spinner

Why Managed Detection and Response (MDR) is Now Mission-Critical Read More »

Apple offers $2 million for zero-click exploit chains

apple, bug bounty, Don't miss, Hot stuff, News /

Apple offers $2 million for zero-click exploit chains 2025-10-10 at 16:16 By Zeljka Zorz Apple bug bounty program’s categories are expanding and rewards are rising, and zero-click exploit chains may now earn researchers up to $2 million. “Our bonus system, providing additional rewards for Lockdown Mode bypasses and vulnerabilities discovered in beta software, can more

React to this headline:

Loading spinner

Apple offers $2 million for zero-click exploit chains Read More »

Scroll to Top